[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: DNS server differences RaQ2 / RaQ3

Subject: [cobalt-users] Re: DNS server differences RaQ2 / RaQ3
From: dfd <dfd@xxxxxxxxxxx>
Date: Sat Feb 26 22:42:38 2000

Hi,

>My RaQ2 systems, which are rented, are running "bind 8.1.2", and, like as 
>in all other implementations of bind I've ever run, standard DNS zone 
>files, as defined, explained and documented in the O'Reilly book "DNS & 
>Bind", work fine.
>
>On RaQ3 systems on which I've consulted, running "bind 8.2", the first line 
>of the file must be: "$TTL <number>" where <number> is the time-to-live in 
>seconds, or I get an error when I first load bind, in /var/log/messages.
>
>These same files, with "$TTL <number>" on the first line, give me an error 
>in /var/log/messages when I run them on "bind 8.1.2" systems.
>

$TTL is optional, allthough its probably best to include it.  The errors
you get in logs are just warnings, bind will proceed to load the zone file
with $TTL or not (tested on 8.2.2-P5).  $TTL only exists in BIND 8.2.x so
it wont work with the RAQ2's default bind version.

$TTL has to do with negative caching and there is more (allbeit somewhat
technical) about it at http://www.isi.edu/in-notes/rfc2308.txt (especially
section 4 "SOA Minimum Field").  

>Since "DNS and Bind", which I use as my bible, only documents versions 
>through 8.1.2, I'm at a loss here.  The "CHANGES" file that comes with bind 
>8.1.2 is just too terse for me to figure out <frown>.
>
>So I guess the questions are:
>
>1) what version of bind does a RaQ2, as issued by Cobalt, run?

According to "rpm -q -a | grep bind", 8.1.2:

bind-8.1.2-4libc
bind-utils-8.1.2-4libc

>
>2) what version of bind should I be running on my RaQ2s?

I would recommend the most recent version of bind only from a security
standpoint.  There are quite a few vulnerabilites in prior versions.  BIND
8.2.2-P5 is the most current and has fixed all known issues.  There's a
good list of the vulnerabilities and at the bottom a summary of what
versions are affected:

http://www.isc.org/products/BIND/bind-security-19991108.html

Having said that, it's unfortunate cobalt hasnt released a bind update for
the RAQ1 and 2.  You're left to compiling it yourself and probably breaking
the web based dns config and voiding your warranty or leave your machine
open to exploits. :(

>
>3) is there any documentation of the changes in a format I'll understand 
><wry grin>?

There is a bit of info at:
http://www.isc.org/products/BIND/docs/bind8.2_highlights.html

Also there are some other resources at:
http://www.isc.org/products/BIND/
http://www.dns.net/dnsrd/

- Dave

Follow-Ups:
- Re: [cobalt-users] Re: DNS server differences RaQ2 / RaQ3
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] Auto-running programs
Next by Date: Re: [cobalt-users] Cobalt List Spammer
Previous by thread: [cobalt-users] Best CGI-BIN location for system wide counters?
Next by thread: Re: [cobalt-users] Re: DNS server differences RaQ2 / RaQ3

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index